[PR #24489] [CLOSED] fix: validate redirect targets during RAG web ingestion #98716

Closed
opened 2026-05-16 01:32:58 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/open-webui/open-webui/pull/24489
Author: @Dawn-Fighter
Created: 5/9/2026
Status: Closed

Base: devHead: fix-rag-redirect-validation


📝 Commits (1)

  • bd0cd12 fix: validate redirect targets during RAG web ingestion

📊 Changes

2 files changed (+51 additions, -2 deletions)

View changed files

📝 backend/open_webui/retrieval/utils.py (+2 -2)
📝 backend/open_webui/retrieval/web/utils.py (+49 -0)

📄 Description

Pull Request Checklist

Before submitting, make sure you've checked the following:

  • Target branch: Verify that the pull request targets the dev branch. PRs targeting main will be immediately closed.
  • Description: Provide a concise description of the changes made in this pull request down below.
  • Changelog: Ensure a changelog entry following the format of Keep a Changelog is added at the bottom of the PR description.
  • Documentation: No user-facing behavior, environment variables, public APIs/interfaces, or deployment steps are changed.
  • Dependencies: No new or upgraded dependencies.
  • Testing: Manual validation was performed. No test files are included.
  • Agentic AI Code: This pull request has gone through additional human review and manual testing.
  • Code review: I performed a self-review of the code and kept the change atomic.
  • Design & Architecture: This uses existing URL validation behavior and avoids adding new settings.
  • Git Hygiene: This PR contains one logical change and is based on dev.
  • Title Prefix: The title uses the fix prefix.

Changelog Entry

Description

  • Validates redirect targets during requests-based RAG web URL ingestion, preventing a public URL from redirecting backend ingestion to private/local network resources after the initial URL validation.

Added

  • None.

Changed

  • Requests-based web ingestion now follows redirects manually through a safe helper that validates each redirect destination.

Deprecated

  • None.

Removed

  • None.

Fixed

  • Fixed requests-based RAG URL ingestion paths following redirects without validating each redirect destination.

Security

  • Prevents public URLs from redirecting backend web ingestion to localhost, private networks, or cloud metadata endpoints when local web fetch is disabled.

Breaking Changes

  • None.

Additional Information

Manual validation performed:

  • Verified requests-based redirect handling rejects public-to-private redirect targets.
  • Verified public-to-public redirect handling continues to work.
  • App smoke checks passed:
    • /health returned 200 {"status": true}
    • /ready returned 200 {"status": true}

No test files are included.

Screenshots or Videos

  • Not applicable; backend security fix.

Contributor License Agreement

Note

Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in.


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/open-webui/open-webui/pull/24489 **Author:** [@Dawn-Fighter](https://github.com/Dawn-Fighter) **Created:** 5/9/2026 **Status:** ❌ Closed **Base:** `dev` ← **Head:** `fix-rag-redirect-validation` --- ### 📝 Commits (1) - [`bd0cd12`](https://github.com/open-webui/open-webui/commit/bd0cd12150ef91ae1b33c23d8825726379103a66) fix: validate redirect targets during RAG web ingestion ### 📊 Changes **2 files changed** (+51 additions, -2 deletions) <details> <summary>View changed files</summary> 📝 `backend/open_webui/retrieval/utils.py` (+2 -2) 📝 `backend/open_webui/retrieval/web/utils.py` (+49 -0) </details> ### 📄 Description # Pull Request Checklist **Before submitting, make sure you've checked the following:** - [x] **Target branch:** Verify that the pull request targets the `dev` branch. **PRs targeting `main` will be immediately closed.** - [x] **Description:** Provide a concise description of the changes made in this pull request down below. - [x] **Changelog:** Ensure a changelog entry following the format of [Keep a Changelog](https://keepachangelog.com/) is added at the bottom of the PR description. - [x] **Documentation:** No user-facing behavior, environment variables, public APIs/interfaces, or deployment steps are changed. - [x] **Dependencies:** No new or upgraded dependencies. - [x] **Testing:** Manual validation was performed. No test files are included. - [x] **Agentic AI Code:** This pull request has gone through additional human review and manual testing. - [x] **Code review:** I performed a self-review of the code and kept the change atomic. - [x] **Design & Architecture:** This uses existing URL validation behavior and avoids adding new settings. - [x] **Git Hygiene:** This PR contains one logical change and is based on `dev`. - [x] **Title Prefix:** The title uses the `fix` prefix. # Changelog Entry ### Description - Validates redirect targets during requests-based RAG web URL ingestion, preventing a public URL from redirecting backend ingestion to private/local network resources after the initial URL validation. ### Added - None. ### Changed - Requests-based web ingestion now follows redirects manually through a safe helper that validates each redirect destination. ### Deprecated - None. ### Removed - None. ### Fixed - Fixed requests-based RAG URL ingestion paths following redirects without validating each redirect destination. ### Security - Prevents public URLs from redirecting backend web ingestion to localhost, private networks, or cloud metadata endpoints when local web fetch is disabled. ### Breaking Changes - None. --- ### Additional Information Manual validation performed: - Verified requests-based redirect handling rejects public-to-private redirect targets. - Verified public-to-public redirect handling continues to work. - App smoke checks passed: - `/health` returned `200 {"status": true}` - `/ready` returned `200 {"status": true}` No test files are included. ### Screenshots or Videos - Not applicable; backend security fix. ### Contributor License Agreement - [x] By submitting this pull request, I confirm that I have read and fully agree to the [Contributor License Agreement (CLA)](https://github.com/open-webui/open-webui/blob/main/CONTRIBUTOR_LICENSE_AGREEMENT), and I am providing my contributions under its terms. > [!NOTE] > Deleting the CLA section will lead to immediate closure of your PR and it will not be merged in. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-16 01:32:58 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/open-webui#98716